TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / sandbox / pfalcon / trusted-firmware-m / 2ed48fd782655c0f80e6805dfd76d3765a1c8720 / . / interface / include / tfm_crypto_defs.h
blob: 5d429a8b43b4967e1de43adb859da4bf930b164b [file] [log] [blame]
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]1/*
Antonio de Angelisc26af632021-10-07 15:04:12 +0100[diff] [blame]2 * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8#ifndef __TFM_CRYPTO_DEFS_H__
9#define __TFM_CRYPTO_DEFS_H__
10
11#ifdef __cplusplus
12extern "C" {
13#endif
14
15#include <stdint.h>
16#include <limits.h>
17#include "tfm_api.h"
Jamie Foxcc31d402019-01-28 17:13:52 +0000[diff] [blame]18#include "psa/crypto.h"
Raef Coles79809c72022-03-02 13:48:20 +0000[diff] [blame]19#ifdef PLATFORM_DEFAULT_CRYPTO_KEYS
20#include "crypto_keys/tfm_builtin_key_ids.h"
21#else
22#include "tfm_builtin_key_ids.h"
23#endif /* PLATFORM_DEFAULT_CRYPTO_KEYS */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]24
25/**
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]26 * \brief This type is used to overcome a limitation in the number of maximum
27 * IOVECs that can be used especially in psa_aead_encrypt and
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]28 * psa_aead_decrypt.
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]29 */
30#define TFM_CRYPTO_MAX_NONCE_LENGTH (16u)
31struct tfm_crypto_aead_pack_input {
32 uint8_t nonce[TFM_CRYPTO_MAX_NONCE_LENGTH];
33 uint32_t nonce_length;
34};
35
36/**
37 * \brief Structure used to pack non-pointer types in a call
38 *
39 */
40struct tfm_crypto_pack_iovec {
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]41 psa_key_id_t key_id; /*!< Key id */
42 psa_algorithm_t alg; /*!< Algorithm */
43 uint32_t op_handle; /*!< Frontend context handle associated to a
44 * multipart operation
45 */
46 size_t capacity; /*!< Key derivation capacity */
47 size_t ad_length; /*!< Additional Data length for multipart AEAD */
48 size_t plaintext_length; /*!< Plaintext length for multipart AEAD */
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]49
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]50 struct tfm_crypto_aead_pack_input aead_in; /*!< Packs AEAD-related inputs */
David Huc9679cc2022-06-21 13:09:34 +0800[diff] [blame]51
52 uint16_t function_id; /*!< Used to identify the function in the
53 * API dispatcher to the service backend
54 * See tfm_crypto_func_sid for detail
55 */
56 uint16_t step; /*!< Key derivation step */
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]57};
58
59/**
David Huc9679cc2022-06-21 13:09:34 +0800[diff] [blame]60 * \brief Type associated to the group of a function encoding. There can be
61 * nine groups (Random, Key management, Hash, MAC, Cipher, AEAD,
62 * Asym sign, Asym encrypt, Key derivation).
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]63 */
David Huc9679cc2022-06-21 13:09:34 +0800[diff] [blame]64enum tfm_crypto_group_id {
65 TFM_CRYPTO_GROUP_ID_RANDOM = 0x0,
66 TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT,
67 TFM_CRYPTO_GROUP_ID_HASH,
68 TFM_CRYPTO_GROUP_ID_MAC,
69 TFM_CRYPTO_GROUP_ID_CIPHER,
70 TFM_CRYPTO_GROUP_ID_AEAD,
71 TFM_CRYPTO_GROUP_ID_ASYM_SIGN,
72 TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT,
73 TFM_CRYPTO_GROUP_ID_KEY_DERIVATION,
74};
75
76/* X macro describing each of the available PSA Crypto APIs */
77#define KEY_MANAGEMENT_FUNCS \
78 X(TFM_CRYPTO_GET_KEY_ATTRIBUTES) \
79 X(TFM_CRYPTO_RESET_KEY_ATTRIBUTES) \
80 X(TFM_CRYPTO_OPEN_KEY) \
81 X(TFM_CRYPTO_CLOSE_KEY) \
82 X(TFM_CRYPTO_IMPORT_KEY) \
83 X(TFM_CRYPTO_DESTROY_KEY) \
84 X(TFM_CRYPTO_EXPORT_KEY) \
85 X(TFM_CRYPTO_EXPORT_PUBLIC_KEY) \
86 X(TFM_CRYPTO_PURGE_KEY) \
87 X(TFM_CRYPTO_COPY_KEY) \
88 X(TFM_CRYPTO_GENERATE_KEY)
89
90#define HASH_FUNCS \
91 X(TFM_CRYPTO_HASH_COMPUTE) \
92 X(TFM_CRYPTO_HASH_COMPARE) \
93 X(TFM_CRYPTO_HASH_SETUP) \
94 X(TFM_CRYPTO_HASH_UPDATE) \
95 X(TFM_CRYPTO_HASH_CLONE) \
96 X(TFM_CRYPTO_HASH_FINISH) \
97 X(TFM_CRYPTO_HASH_VERIFY) \
98 X(TFM_CRYPTO_HASH_ABORT)
99
100#define MAC_FUNCS \
101 X(TFM_CRYPTO_MAC_COMPUTE) \
102 X(TFM_CRYPTO_MAC_VERIFY) \
103 X(TFM_CRYPTO_MAC_SIGN_SETUP) \
104 X(TFM_CRYPTO_MAC_VERIFY_SETUP) \
105 X(TFM_CRYPTO_MAC_UPDATE) \
106 X(TFM_CRYPTO_MAC_SIGN_FINISH) \
107 X(TFM_CRYPTO_MAC_VERIFY_FINISH) \
108 X(TFM_CRYPTO_MAC_ABORT)
109
110#define CIPHER_FUNCS \
111 X(TFM_CRYPTO_CIPHER_ENCRYPT) \
112 X(TFM_CRYPTO_CIPHER_DECRYPT) \
113 X(TFM_CRYPTO_CIPHER_ENCRYPT_SETUP) \
114 X(TFM_CRYPTO_CIPHER_DECRYPT_SETUP) \
115 X(TFM_CRYPTO_CIPHER_GENERATE_IV) \
116 X(TFM_CRYPTO_CIPHER_SET_IV) \
117 X(TFM_CRYPTO_CIPHER_UPDATE) \
118 X(TFM_CRYPTO_CIPHER_FINISH) \
119 X(TFM_CRYPTO_CIPHER_ABORT)
120
121#define AEAD_FUNCS \
122 X(TFM_CRYPTO_AEAD_ENCRYPT) \
123 X(TFM_CRYPTO_AEAD_DECRYPT) \
124 X(TFM_CRYPTO_AEAD_ENCRYPT_SETUP) \
125 X(TFM_CRYPTO_AEAD_DECRYPT_SETUP) \
126 X(TFM_CRYPTO_AEAD_GENERATE_NONCE) \
127 X(TFM_CRYPTO_AEAD_SET_NONCE) \
128 X(TFM_CRYPTO_AEAD_SET_LENGTHS) \
129 X(TFM_CRYPTO_AEAD_UPDATE_AD) \
130 X(TFM_CRYPTO_AEAD_UPDATE) \
131 X(TFM_CRYPTO_AEAD_FINISH) \
132 X(TFM_CRYPTO_AEAD_VERIFY) \
133 X(TFM_CRYPTO_AEAD_ABORT)
134
135#define ASYMMETRIC_SIGN_FUNCS \
136 X(TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE) \
137 X(TFM_CRYPTO_ASYMMETRIC_VERIFY_MESSAGE) \
138 X(TFM_CRYPTO_ASYMMETRIC_SIGN_HASH) \
139 X(TFM_CRYPTO_ASYMMETRIC_VERIFY_HASH)
140
141#define AYSMMETRIC_ENCRYPT_FUNCS \
142 X(TFM_CRYPTO_ASYMMETRIC_ENCRYPT) \
143 X(TFM_CRYPTO_ASYMMETRIC_DECRYPT)
144
145#define KEY_DERIVATION_FUNCS \
146 X(TFM_CRYPTO_RAW_KEY_AGREEMENT) \
147 X(TFM_CRYPTO_KEY_DERIVATION_SETUP) \
148 X(TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY) \
149 X(TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY) \
150 X(TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES) \
151 X(TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY) \
152 X(TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT) \
153 X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES) \
154 X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY) \
155 X(TFM_CRYPTO_KEY_DERIVATION_ABORT)
156
157#define RANDOM_FUNCS \
158 X(TFM_CRYPTO_GENERATE_RANDOM)
159
160/*
161 * Define function IDs in each group. The function ID will be encoded into
162 * tfm_crypto_func_sid below.
163 * Each group is defined as a dedicated enum in case the total number of
164 * PSA Crypto APIs exceeds 256.
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]165 */
David Huc9679cc2022-06-21 13:09:34 +0800[diff] [blame]166#define X(func_id) func_id,
167enum tfm_crypto_key_management_func_id {
168 KEY_MANAGEMENT_FUNCS
169};
170enum tfm_crypto_hash_func_id {
171 HASH_FUNCS
172};
173enum tfm_crypto_mac_func_id {
174 MAC_FUNCS
175};
176enum tfm_crypto_cipher_func_id {
177 CIPHER_FUNCS
178};
179enum tfm_crypto_aead_func_id {
180 AEAD_FUNCS
181};
182enum tfm_crypto_asym_sign_func_id {
183 ASYMMETRIC_SIGN_FUNCS
184};
185enum tfm_crypto_asym_encrypt_func_id {
186 AYSMMETRIC_ENCRYPT_FUNCS
187};
188enum tfm_crypto_key_derivation_func_id {
189 KEY_DERIVATION_FUNCS
190};
191enum tfm_crypto_random_func_id {
192 RANDOM_FUNCS
193};
194#undef X
195
196#define FUNC_ID(func_id) (((func_id) & 0xFF) << 8)
197
198/*
199 * Numerical progressive value identifying a function API exposed through
200 * the interfaces (S or NS). It's used to dispatch the requests from S/NS
201 * to the corresponding API implementation in the Crypto service backend.
202 *
203 * Each function SID is encoded as uint16_t.
204 * | Func ID | Group ID |
205 * 15 8 7 0
206 * Func ID is defined in each group func_id enum above
207 * Group ID is defined in tfm_crypto_group_id.
208 */
209enum tfm_crypto_func_sid {
210
211#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
212 (TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT & 0xFF)),
213
214 KEY_MANAGEMENT_FUNCS
215
216#undef X
217#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
218 (TFM_CRYPTO_GROUP_ID_HASH & 0xFF)),
219 HASH_FUNCS
220
221#undef X
222#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
223 (TFM_CRYPTO_GROUP_ID_MAC & 0xFF)),
224 MAC_FUNCS
225
226#undef X
227#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
228 (TFM_CRYPTO_GROUP_ID_CIPHER & 0xFF)),
229 CIPHER_FUNCS
230
231#undef X
232#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
233 (TFM_CRYPTO_GROUP_ID_AEAD & 0xFF)),
234 AEAD_FUNCS
235
236#undef X
237#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
238 (TFM_CRYPTO_GROUP_ID_ASYM_SIGN & 0xFF)),
239 ASYMMETRIC_SIGN_FUNCS
240
241#undef X
242#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
243 (TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT & 0xFF)),
244 AYSMMETRIC_ENCRYPT_FUNCS
245
246#undef X
247#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
248 (TFM_CRYPTO_GROUP_ID_KEY_DERIVATION & 0xFF)),
249 KEY_DERIVATION_FUNCS
250
251#undef X
252#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
253 (TFM_CRYPTO_GROUP_ID_RANDOM & 0xFF)),
254 RANDOM_FUNCS
255
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]256};
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]257#undef X
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]258
259/**
Edison Ai080b2e22019-04-17 16:27:21 +0800[diff] [blame]260 * \brief Define an invalid value for an SID
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]261 *
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]262 */
Edison Ai080b2e22019-04-17 16:27:21 +0800[diff] [blame]263#define TFM_CRYPTO_SID_INVALID (~0x0u)
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]264
265/**
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]266 * \brief This value is used to mark an handle as invalid.
267 *
268 */
Jamie Fox707caf72019-05-29 15:14:18 +0100[diff] [blame]269#define TFM_CRYPTO_INVALID_HANDLE (0x0u)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]270
271/**
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]272 * \brief Define miscellaneous literal constants that are used in the service
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]273 *
274 */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]275enum {
276 TFM_CRYPTO_NOT_IN_USE = 0,
277 TFM_CRYPTO_IN_USE = 1
278};
279
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]280#ifdef __cplusplus
281}
282#endif
283
284#endif /* __TFM_CRYPTO_DEFS_H__ */